Subject: Proposed Agenda for 21 January 2016 TC Meeting
Time: 2:30 PM EST (-0500 GMT)
Tel: 1-712-775-7031
Access Code: 620-103-760

Proposed Agenda for 21 January 2016 TC Meeting

I. Roll Call & Minutes

   Approve Minutes 7 January 2015
     https://lists.oasis-open.org/archives/xacml/201601/msg00027.html

II. Administrivia

   XACML TC Meeting(s) - dates for upcoming meetings set:
     https://lists.oasis-open.org/archives/xacml/201601/msg00023.html

   ABAC Definition:
     hal: comment and refs to abac defns:
       https://lists.oasis-open.org/archives/xacml/201601/msg00028.html
     david: additional refs and perspective:
       https://lists.oasis-open.org/archives/xacml/201601/msg00029.html

   NIST publication on ABAC comparing XACML and NGAC
     reported last mtg that comments were to end 15-Jan-16

III. Issues

   Default behavior for unrecognized resource attributes
     emails since last mtg adjourned:

     erik: comments on scope of policy and external to the policy
       conditions that can impact results. ex. emergency override,
       invalid policy semantics, etc.
       https://lists.oasis-open.org/archives/xacml/201601/msg00024.html

     erik: comments on whether policies can be required to contain
       attrs in some automated manner (ex. ext existence of attr
       may imply must be in policy)
       https://lists.oasis-open.org/archives/xacml/201601/msg00025.html

     martin: consider legal responsibilities of resource owner;
       tags can imply specific policies need to be applied;
       also new consideration: reluctance to identify access rights
       that should have been revoked; i.e. stickiness of access privs,
       vs quick identification of improper denial decisions
       https://lists.oasis-open.org/archives/xacml/201601/msg00026.html

     hal: questions to erik on feasibility of defining the
       "true intent" vs what is contained in the "actual policy"
       https://lists.oasis-open.org/archives/xacml/201601/msg00030.html

     erik: clarifies: use case is PEP contains unknown attr to policy
       in request: can policy be designed to recognize that an attr
       it doesn't recognize is in the req and that fact should be
       used in the decision?
       erik says this is example of policy correctness criteria,
       which is a much broader subject than this 1 case:
       https://lists.oasis-open.org/archives/xacml/201601/msg00031.html

     bill: policy versioning can help this overall situation,
       which has been discussed in the past by TC:
       https://lists.oasis-open.org/archives/xacml/201601/msg00032.html

--
Thanks, Rich